const express = require('express')
const router = express.Router()
const db = require('../../connection/Connection')
const jwt = require('jsonwebtoken')
const SECRET = 'asdfta219*&%^jWJSHFJ'


router.post('/updateAccess', async (req, res) => {
    const result = jwt.verify(req.body.token, SECRET)
    let sql = 'select departmentId from user_role where username = ?'
    db.base(sql, result.username, response_temp => {
        if (response_temp != null) {
            if (response_temp[0].departmentId == 999) {
                sql = 'UPDATE user SET role_id = ? WHERE username = ?'
                let data = [req.body.role_id, req.body.username]
                console.log(data)
                db.base(sql, data, response => {
                    if (response.affectedRows === 1) {
                        console.log(response)
                        res.json({
                            result: "success",
                            reason: response
                        })
                    }
                })
            } else {
                res.json({
                    result: "error",
                    reason: "无权限"
                })
            }
        } else {
            res.json({
                result: "error",
                reason: "无权限"
            })
        }
    })

})

module.exports = router
